lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 14 Nov 2019 11:30:14 +0100
From:   Miklos Szeredi <miklos@...redi.hu>
To:     Colin King <colin.king@...onical.com>
Cc:     Miklos Szeredi <mszeredi@...hat.com>,
        Amir Goldstein <amir73il@...il.com>,
        overlayfs <linux-unionfs@...r.kernel.org>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH][V4] ovl: fix lookup failure on multi lower squashfs

On Wed, Nov 13, 2019 at 9:06 PM Colin King <colin.king@...onical.com> wrote:
>
> From: Amir Goldstein <amir73il@...il.com>
>
> In the past, overlayfs required that lower fs have non null
> uuid in order to support nfs export and decode copy up origin file handles.
>
> Commit 9df085f3c9a2 ("ovl: relax requirement for non null uuid of
> lower fs") relaxed this requirement for nfs export support, as long
> as uuid (even if null) is unique among all lower fs.

I see another corner case:

n- two filesystems, A and B, both have null uuid
 - upper layer is on A
 - lower layer 1 is also on A
 - lower layer 2 is on B

In this case bad_uuid won't be set for B, because the check only
involves the list of lower fs.  Hence we'll try to decode a layer 2
origin on layer 1 and fail.

Can we fix this without special casing lower layer fsid == 0 in
various places?  I guess that involves using lower_fs[0] for the
fsid=0 case (i.e. index lower_fs by fsid, rather than (fsid -1)).
Probably warrants a separate patch.

Thanks,
Miklos

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ